package com.ztesoft.report.controller;

import cn.hutool.core.date.DateField;
import cn.hutool.core.date.DateTime;
import cn.hutool.core.date.DateUtil;
import com.ztesoft.report.base.controller.BaseController;
import com.ztesoft.report.service.UserService;
import com.ztesoft.report.utils.AESUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * @author :xie
 * Email: 1487471733@qq.com
 * Date: 2018/7/24
 * Time: 14:56
 * Describe:
 */
@RequestMapping("/user")
@RestController
public class UserController extends BaseController {

    @Autowired
    private UserService userService;


    @RequestMapping("/isPression")
    public Map index(String staffId, String operateTime, String gsReportTradeId,String signmsg, @RequestParam(required = false)String href, HttpServletRequest request, HttpServletResponse response){

        HttpSession session = request.getSession();

        session.setAttribute("userId",staffId);



        Map map=new HashMap(2);
        List<String> listUserPermCode = userService.getListUserPermCode(staffId,href);
        map.put("listUserPermCode",listUserPermCode);
        //验证url参数是否合法
        boolean comparison=AESUtil.Comparison(staffId,operateTime,gsReportTradeId,signmsg);
        if (comparison==false){
            map.put("isPression",false);
            map.put("msg","参数验证失败");
            return map;
        }

        Date date = DateUtil.date();
        DateTime yyyyMMddHHmmss = DateUtil.parse(operateTime, "yyyyMMddHHmmss");
        boolean expired = DateUtil.isExpired(yyyyMMddHHmmss, DateField.MINUTE, 3, date);
/*        if (!expired){
            map.put("isPression",false);
            map.put("msg","超时，请重新请求");
            return map;
        }*/


        //当用户id为1 时，跳过验证
        if (staffId.equals("1")){
            map.put("isPression",true);
            map.put("msg","超级管理员，无需验证");
            return map;
        }else {
            boolean isPressionMenu=isPressionMenu(staffId,operateTime,gsReportTradeId,signmsg,href);
            map.put("isPression",isPressionMenu);
            if (isPressionMenu==false){
                map.put("msg","对不起，您没有权限访问此页面");
                return map;
            }
        }

        Map map1 = (Map) session.getAttribute("map");

        if (map1==null||!staffId.equals(map1.get("userId"))) {
            Map map2=new HashMap(2);
            List<String> list= userService.queryAllPerms(staffId);
            map2.put("userId",staffId);
            map2.put("queryAllPerms",list);
            session.setAttribute("map",map2);
            System.out.println("map为空，给map注入数据:"+list);
        }



        return map;
    }
}
